<!DOCTYPE HTML>

<html lang="en">
<head>

<title>AbstractUserDetailsAuthenticationProvider (spring-security-docs 5.6.3 API)</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="../../../../../stylesheet.css" title="Style">
<link rel="stylesheet" type="text/css" href="../../../../../jquery/jquery-ui.css" title="Style">
<script type="text/javascript" src="../../../../../script.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip/dist/jszip.min.js"></script>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils.min.js"></script>
<!--[if IE]>
<script type="text/javascript" src="../../../../../jquery/jszip-utils/dist/jszip-utils-ie.min.js"></script>
<![endif]-->
<script type="text/javascript" src="../../../../../jquery/jquery-3.5.1.js"></script>
<script type="text/javascript" src="../../../../../jquery/jquery-ui.js"></script>
</head>
<body>
<script type="text/javascript"><!--
    try {
        if (location.href.indexOf('is-external=true') == -1) {
            parent.document.title="AbstractUserDetailsAuthenticationProvider (spring-security-docs 5.6.3 API)";
        }
    }
    catch(err) {
    }
//-->
var data = {"i0":6,"i1":10,"i2":10,"i3":10,"i4":10,"i5":10,"i6":10,"i7":10,"i8":10,"i9":10,"i10":6,"i11":10,"i12":10,"i13":10,"i14":10,"i15":10,"i16":10,"i17":10,"i18":10};
var tabs = {65535:["t0","All Methods"],2:["t2","Instance Methods"],4:["t3","Abstract Methods"],8:["t4","Concrete Methods"]};
var altColor = "altColor";
var rowColor = "rowColor";
var tableTab = "tableTab";
var activeTableTab = "activeTableTab";
var pathtoroot = "../../../../../";
var useModuleDirectories = true;
loadScripts(document, 'script');</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
<header role="banner">
<nav role="navigation">
<div class="fixedNav">

<div class="topNav"><a id="navbar.top">

</a>
<div class="skipNav"><a href="AbstractUserDetailsAuthenticationProvider.html#skip.navbar.top" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.top.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_top">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<ul class="navListSearch">
<li><label for="search">SEARCH:</label>
<input type="text" id="search" value="search" disabled="disabled">
<input type="reset" id="reset" value="reset" disabled="disabled">
</li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_top");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.top">

</a></div>

</div>
<div class="navPadding">&nbsp;</div>
<script type="text/javascript"><!--
$('.navPadding').css('padding-top', $('.fixedNav').css("height"));
//-->
</script>
</nav>
</header>

<main role="main">
<div class="header">
<div class="subTitle"><span class="packageLabelInType">Package</span>&nbsp;<a href="package-summary.html">org.springframework.security.authentication.dao</a></div>
<h2 title="Class AbstractUserDetailsAuthenticationProvider" class="title">Class AbstractUserDetailsAuthenticationProvider</h2>
</div>
<div class="contentContainer">
<ul class="inheritance">
<li>java.lang.Object</li>
<li>
<ul class="inheritance">
<li>org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider</li>
</ul>
</li>
</ul>
<div class="description">
<ul class="blockList">
<li class="blockList">
<dl>
<dt>All Implemented Interfaces:</dt>
<dd><code>org.springframework.beans.factory.Aware</code>, <code>org.springframework.beans.factory.InitializingBean</code>, <code>org.springframework.context.MessageSourceAware</code>, <code><a href="../AuthenticationProvider.html" title="interface in org.springframework.security.authentication">AuthenticationProvider</a></code></dd>
</dl>
<dl>
<dt>Direct Known Subclasses:</dt>
<dd><code><a href="DaoAuthenticationProvider.html" title="class in org.springframework.security.authentication.dao">DaoAuthenticationProvider</a></code></dd>
</dl>
<hr>
<pre>public abstract class <span class="typeNameLabel">AbstractUserDetailsAuthenticationProvider</span>
extends java.lang.Object
implements <a href="../AuthenticationProvider.html" title="interface in org.springframework.security.authentication">AuthenticationProvider</a>, org.springframework.beans.factory.InitializingBean, org.springframework.context.MessageSourceAware</pre>
<div class="block">A base <a href="../AuthenticationProvider.html" title="interface in org.springframework.security.authentication"><code>AuthenticationProvider</code></a> that allows subclasses to override and work with
<a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails"><code>UserDetails</code></a> objects. The class is
designed to respond to <a href="../UsernamePasswordAuthenticationToken.html" title="class in org.springframework.security.authentication"><code>UsernamePasswordAuthenticationToken</code></a> authentication
requests.
<p>
Upon successful validation, a <code>UsernamePasswordAuthenticationToken</code> will be
created and returned to the caller. The token will include as its principal either a
<code>String</code> representation of the username, or the <a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails"><code>UserDetails</code></a> that was
returned from the authentication repository. Using <code>String</code> is appropriate
if a container adapter is being used, as it expects <code>String</code> representations
of the username. Using <code>UserDetails</code> is appropriate if you require access to
additional properties of the authenticated user, such as email addresses,
human-friendly names etc. As container adapters are not recommended to be used, and
<code>UserDetails</code> implementations provide additional flexibility, by default a
<code>UserDetails</code> is returned. To override this default, set the
<a href="AbstractUserDetailsAuthenticationProvider.html#setForcePrincipalAsString(boolean)"><code>setForcePrincipalAsString(boolean)</code></a> to <code>true</code>.
<p>
Caching is handled by storing the <code>UserDetails</code> object being placed in the
<a href="../../core/userdetails/UserCache.html" title="interface in org.springframework.security.core.userdetails"><code>UserCache</code></a>. This ensures that subsequent requests with the same username can be
validated without needing to query the <a href="../../core/userdetails/UserDetailsService.html" title="interface in org.springframework.security.core.userdetails"><code>UserDetailsService</code></a>. It should be noted
that if a user appears to present an incorrect password, the <a href="../../core/userdetails/UserDetailsService.html" title="interface in org.springframework.security.core.userdetails"><code>UserDetailsService</code></a>
will be queried to confirm the most up-to-date password was used for comparison.
Caching is only likely to be required for stateless applications. In a normal web
application, for example, the <tt>SecurityContext</tt> is stored in the user's session
and the user isn't reauthenticated on each request. The default cache implementation is
therefore <a href="../../core/userdetails/cache/NullUserCache.html" title="class in org.springframework.security.core.userdetails.cache"><code>NullUserCache</code></a>.</div>
</li>
</ul>
</div>
<div class="summary">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.summary">

</a>
<h3>Field Summary</h3>
<table class="memberSummary">
<caption><span>Fields</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Field</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<td class="colFirst"><code>protected boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#hideUserNotFoundExceptions">hideUserNotFoundExceptions</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="rowColor">
<td class="colFirst"><code>protected org.apache.commons.logging.Log</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#logger">logger</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr class="altColor">
<td class="colFirst"><code>protected org.springframework.context.support.MessageSourceAccessor</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#messages">messages</a></span></code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.summary">

</a>
<h3>Constructor Summary</h3>
<table class="memberSummary">
<caption><span>Constructors</span><span class="tabEnd">&nbsp;</span></caption>
<tr>
<th class="colFirst" scope="col">Constructor</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr class="altColor">
<th class="colConstructorName" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#%3Cinit%3E()">AbstractUserDetailsAuthenticationProvider</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
</table>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.summary">

</a>
<h3>Method Summary</h3>
<table class="memberSummary">
<caption><span id="t0" class="activeTableTab"><span>All Methods</span><span class="tabEnd">&nbsp;</span></span><span id="t2" class="tableTab"><span><a href="javascript:show(2);">Instance Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t3" class="tableTab"><span><a href="javascript:show(4);">Abstract Methods</a></span><span class="tabEnd">&nbsp;</span></span><span id="t4" class="tableTab"><span><a href="javascript:show(8);">Concrete Methods</a></span><span class="tabEnd">&nbsp;</span></span></caption>
<tr>
<th class="colFirst" scope="col">Modifier and Type</th>
<th class="colSecond" scope="col">Method</th>
<th class="colLast" scope="col">Description</th>
</tr>
<tr id="i0" class="altColor">
<td class="colFirst"><code>protected abstract void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)">additionalAuthenticationChecks</a></span>&#8203;(<a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a>&nbsp;userDetails,
<a href="../UsernamePasswordAuthenticationToken.html" title="class in org.springframework.security.authentication">UsernamePasswordAuthenticationToken</a>&nbsp;authentication)</code></th>
<td class="colLast">
<div class="block">Allows subclasses to perform any additional checks of a returned (or cached)
<code>UserDetails</code> for a given authentication request.</div>
</td>
</tr>
<tr id="i1" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#afterPropertiesSet()">afterPropertiesSet</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i2" class="altColor">
<td class="colFirst"><code><a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#authenticate(org.springframework.security.core.Authentication)">authenticate</a></span>&#8203;(<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication)</code></th>
<td class="colLast">
<div class="block">Performs authentication with the same contract as
<a href="../AuthenticationManager.html#authenticate(org.springframework.security.core.Authentication)"><code>AuthenticationManager.authenticate(Authentication)</code></a>
.</div>
</td>
</tr>
<tr id="i3" class="rowColor">
<td class="colFirst"><code>protected <a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#createSuccessAuthentication(java.lang.Object,org.springframework.security.core.Authentication,org.springframework.security.core.userdetails.UserDetails)">createSuccessAuthentication</a></span>&#8203;(java.lang.Object&nbsp;principal,
<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication,
<a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a>&nbsp;user)</code></th>
<td class="colLast">
<div class="block">Creates a successful <a href="../../core/Authentication.html" title="interface in org.springframework.security.core"><code>Authentication</code></a> object.</div>
</td>
</tr>
<tr id="i4" class="altColor">
<td class="colFirst"><code>protected void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#doAfterPropertiesSet()">doAfterPropertiesSet</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i5" class="rowColor">
<td class="colFirst"><code>protected <a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#getPostAuthenticationChecks()">getPostAuthenticationChecks</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i6" class="altColor">
<td class="colFirst"><code>protected <a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#getPreAuthenticationChecks()">getPreAuthenticationChecks</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i7" class="rowColor">
<td class="colFirst"><code><a href="../../core/userdetails/UserCache.html" title="interface in org.springframework.security.core.userdetails">UserCache</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#getUserCache()">getUserCache</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i8" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#isForcePrincipalAsString()">isForcePrincipalAsString</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i9" class="rowColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#isHideUserNotFoundExceptions()">isHideUserNotFoundExceptions</a></span>()</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i10" class="altColor">
<td class="colFirst"><code>protected abstract <a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a></code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#retrieveUser(java.lang.String,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)">retrieveUser</a></span>&#8203;(java.lang.String&nbsp;username,
<a href="../UsernamePasswordAuthenticationToken.html" title="class in org.springframework.security.authentication">UsernamePasswordAuthenticationToken</a>&nbsp;authentication)</code></th>
<td class="colLast">
<div class="block">Allows subclasses to actually retrieve the <code>UserDetails</code> from an
implementation-specific location, with the option of throwing an
<code>AuthenticationException</code> immediately if the presented credentials are
incorrect (this is especially useful if it is necessary to bind to a resource as
the user in order to obtain or generate a <code>UserDetails</code>).</div>
</td>
</tr>
<tr id="i11" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper)">setAuthoritiesMapper</a></span>&#8203;(<a href="../../core/authority/mapping/GrantedAuthoritiesMapper.html" title="interface in org.springframework.security.core.authority.mapping">GrantedAuthoritiesMapper</a>&nbsp;authoritiesMapper)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i12" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setForcePrincipalAsString(boolean)">setForcePrincipalAsString</a></span>&#8203;(boolean&nbsp;forcePrincipalAsString)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i13" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setHideUserNotFoundExceptions(boolean)">setHideUserNotFoundExceptions</a></span>&#8203;(boolean&nbsp;hideUserNotFoundExceptions)</code></th>
<td class="colLast">
<div class="block">By default the <code>AbstractUserDetailsAuthenticationProvider</code> throws a
<code>BadCredentialsException</code> if a username is not found or the password is
incorrect.</div>
</td>
</tr>
<tr id="i14" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setMessageSource(org.springframework.context.MessageSource)">setMessageSource</a></span>&#8203;(org.springframework.context.MessageSource&nbsp;messageSource)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i15" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setPostAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker)">setPostAuthenticationChecks</a></span>&#8203;(<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;postAuthenticationChecks)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i16" class="altColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setPreAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker)">setPreAuthenticationChecks</a></span>&#8203;(<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;preAuthenticationChecks)</code></th>
<td class="colLast">
<div class="block">Sets the policy will be used to verify the status of the loaded
<tt>UserDetails</tt> <em>before</em> validation of the credentials takes place.</div>
</td>
</tr>
<tr id="i17" class="rowColor">
<td class="colFirst"><code>void</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#setUserCache(org.springframework.security.core.userdetails.UserCache)">setUserCache</a></span>&#8203;(<a href="../../core/userdetails/UserCache.html" title="interface in org.springframework.security.core.userdetails">UserCache</a>&nbsp;userCache)</code></th>
<td class="colLast">&nbsp;</td>
</tr>
<tr id="i18" class="altColor">
<td class="colFirst"><code>boolean</code></td>
<th class="colSecond" scope="row"><code><span class="memberNameLink"><a href="AbstractUserDetailsAuthenticationProvider.html#supports(java.lang.Class)">supports</a></span>&#8203;(java.lang.Class&lt;?&gt;&nbsp;authentication)</code></th>
<td class="colLast">
<div class="block">Returns <code>true</code> if this <Code>AuthenticationProvider</Code> supports the
indicated <Code>Authentication</Code> object.</div>
</td>
</tr>
</table>
<ul class="blockList">
<li class="blockList"><a id="methods.inherited.from.class.java.lang.Object">

</a>
<h3>Methods inherited from class&nbsp;java.lang.Object</h3>
<code>clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait</code></li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
<div class="details">
<ul class="blockList">
<li class="blockList">

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="field.detail">

</a>
<h3>Field Detail</h3>
<a id="logger">

</a>
<ul class="blockList">
<li class="blockList">
<h4>logger</h4>
<pre>protected final&nbsp;org.apache.commons.logging.Log logger</pre>
</li>
</ul>
<a id="messages">

</a>
<ul class="blockList">
<li class="blockList">
<h4>messages</h4>
<pre>protected&nbsp;org.springframework.context.support.MessageSourceAccessor messages</pre>
</li>
</ul>
<a id="hideUserNotFoundExceptions">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>hideUserNotFoundExceptions</h4>
<pre>protected&nbsp;boolean hideUserNotFoundExceptions</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="constructor.detail">

</a>
<h3>Constructor Detail</h3>
<a id="&lt;init&gt;()">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>AbstractUserDetailsAuthenticationProvider</h4>
<pre>public&nbsp;AbstractUserDetailsAuthenticationProvider()</pre>
</li>
</ul>
</li>
</ul>
</section>

<section role="region">
<ul class="blockList">
<li class="blockList"><a id="method.detail">

</a>
<h3>Method Detail</h3>
<a id="additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>additionalAuthenticationChecks</h4>
<pre class="methodSignature">protected abstract&nbsp;void&nbsp;additionalAuthenticationChecks&#8203;(<a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a>&nbsp;userDetails,
                                                       <a href="../UsernamePasswordAuthenticationToken.html" title="class in org.springframework.security.authentication">UsernamePasswordAuthenticationToken</a>&nbsp;authentication)
                                                throws <a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></pre>
<div class="block">Allows subclasses to perform any additional checks of a returned (or cached)
<code>UserDetails</code> for a given authentication request. Generally a subclass
will at least compare the <a href="../../core/Authentication.html#getCredentials()"><code>Authentication.getCredentials()</code></a> with a
<a href="../../core/userdetails/UserDetails.html#getPassword()"><code>UserDetails.getPassword()</code></a>. If custom logic is needed to compare additional
properties of <code>UserDetails</code> and/or
<code>UsernamePasswordAuthenticationToken</code>, these should also appear in this
method.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>userDetails</code> - as retrieved from the
<a href="AbstractUserDetailsAuthenticationProvider.html#retrieveUser(java.lang.String,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)"><code>retrieveUser(String, UsernamePasswordAuthenticationToken)</code></a> or
<code>UserCache</code></dd>
<dd><code>authentication</code> - the current request that needs to be authenticated</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></code> - AuthenticationException if the credentials could
not be validated (generally a <code>BadCredentialsException</code>, an
<code>AuthenticationServiceException</code>)</dd>
</dl>
</li>
</ul>
<a id="afterPropertiesSet()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>afterPropertiesSet</h4>
<pre class="methodSignature">public final&nbsp;void&nbsp;afterPropertiesSet()
                              throws java.lang.Exception</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>afterPropertiesSet</code>&nbsp;in interface&nbsp;<code>org.springframework.beans.factory.InitializingBean</code></dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.lang.Exception</code></dd>
</dl>
</li>
</ul>
<a id="authenticate(org.springframework.security.core.Authentication)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>authenticate</h4>
<pre class="methodSignature">public&nbsp;<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authenticate&#8203;(<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication)
                            throws <a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../AuthenticationProvider.html#authenticate(org.springframework.security.core.Authentication)">AuthenticationProvider</a></code></span></div>
<div class="block">Performs authentication with the same contract as
<a href="../AuthenticationManager.html#authenticate(org.springframework.security.core.Authentication)"><code>AuthenticationManager.authenticate(Authentication)</code></a>
.</div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../AuthenticationProvider.html#authenticate(org.springframework.security.core.Authentication)">authenticate</a></code>&nbsp;in interface&nbsp;<code><a href="../AuthenticationProvider.html" title="interface in org.springframework.security.authentication">AuthenticationProvider</a></code></dd>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>authentication</code> - the authentication request object.</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>a fully authenticated object including credentials. May return
<code>null</code> if the <code>AuthenticationProvider</code> is unable to support
authentication of the passed <code>Authentication</code> object. In such a case,
the next <code>AuthenticationProvider</code> that supports the presented
<code>Authentication</code> class will be tried.</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></code> - if authentication fails.</dd>
</dl>
</li>
</ul>
<a id="createSuccessAuthentication(java.lang.Object,org.springframework.security.core.Authentication,org.springframework.security.core.userdetails.UserDetails)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>createSuccessAuthentication</h4>
<pre class="methodSignature">protected&nbsp;<a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;createSuccessAuthentication&#8203;(java.lang.Object&nbsp;principal,
                                                     <a href="../../core/Authentication.html" title="interface in org.springframework.security.core">Authentication</a>&nbsp;authentication,
                                                     <a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a>&nbsp;user)</pre>
<div class="block">Creates a successful <a href="../../core/Authentication.html" title="interface in org.springframework.security.core"><code>Authentication</code></a> object.
<p>
Protected so subclasses can override.
</p>
<p>
Subclasses will usually store the original credentials the user supplied (not
salted or encoded passwords) in the returned <code>Authentication</code> object.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>principal</code> - that should be the principal in the returned object (defined by
the <a href="AbstractUserDetailsAuthenticationProvider.html#isForcePrincipalAsString()"><code>isForcePrincipalAsString()</code></a> method)</dd>
<dd><code>authentication</code> - that was presented to the provider for validation</dd>
<dd><code>user</code> - that was loaded by the implementation</dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the successful authentication token</dd>
</dl>
</li>
</ul>
<a id="doAfterPropertiesSet()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>doAfterPropertiesSet</h4>
<pre class="methodSignature">protected&nbsp;void&nbsp;doAfterPropertiesSet()
                             throws java.lang.Exception</pre>
<dl>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code>java.lang.Exception</code></dd>
</dl>
</li>
</ul>
<a id="getUserCache()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getUserCache</h4>
<pre class="methodSignature">public&nbsp;<a href="../../core/userdetails/UserCache.html" title="interface in org.springframework.security.core.userdetails">UserCache</a>&nbsp;getUserCache()</pre>
</li>
</ul>
<a id="isForcePrincipalAsString()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>isForcePrincipalAsString</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isForcePrincipalAsString()</pre>
</li>
</ul>
<a id="isHideUserNotFoundExceptions()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>isHideUserNotFoundExceptions</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;isHideUserNotFoundExceptions()</pre>
</li>
</ul>
<a id="retrieveUser(java.lang.String,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>retrieveUser</h4>
<pre class="methodSignature">protected abstract&nbsp;<a href="../../core/userdetails/UserDetails.html" title="interface in org.springframework.security.core.userdetails">UserDetails</a>&nbsp;retrieveUser&#8203;(java.lang.String&nbsp;username,
                                            <a href="../UsernamePasswordAuthenticationToken.html" title="class in org.springframework.security.authentication">UsernamePasswordAuthenticationToken</a>&nbsp;authentication)
                                     throws <a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></pre>
<div class="block">Allows subclasses to actually retrieve the <code>UserDetails</code> from an
implementation-specific location, with the option of throwing an
<code>AuthenticationException</code> immediately if the presented credentials are
incorrect (this is especially useful if it is necessary to bind to a resource as
the user in order to obtain or generate a <code>UserDetails</code>).
<p>
Subclasses are not required to perform any caching, as the
<code>AbstractUserDetailsAuthenticationProvider</code> will by default cache the
<code>UserDetails</code>. The caching of <code>UserDetails</code> does present
additional complexity as this means subsequent requests that rely on the cache will
need to still have their credentials validated, even if the correctness of
credentials was assured by subclasses adopting a binding-based strategy in this
method. Accordingly it is important that subclasses either disable caching (if they
want to ensure that this method is the only method that is capable of
authenticating a request, as no <code>UserDetails</code> will ever be cached) or
ensure subclasses implement
<a href="AbstractUserDetailsAuthenticationProvider.html#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)"><code>additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken)</code></a>
to compare the credentials of a cached <code>UserDetails</code> with subsequent
authentication requests.
</p>
<p>
Most of the time subclasses will not perform credentials inspection in this method,
instead performing it in
<a href="AbstractUserDetailsAuthenticationProvider.html#additionalAuthenticationChecks(org.springframework.security.core.userdetails.UserDetails,org.springframework.security.authentication.UsernamePasswordAuthenticationToken)"><code>additionalAuthenticationChecks(UserDetails, UsernamePasswordAuthenticationToken)</code></a>
so that code related to credentials validation need not be duplicated across two
methods.
</p></div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>username</code> - The username to retrieve</dd>
<dd><code>authentication</code> - The authentication request, which subclasses <em>may</em>
need to perform a binding-based retrieval of the <code>UserDetails</code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd>the user information (never <code>null</code> - instead an exception should
the thrown)</dd>
<dt><span class="throwsLabel">Throws:</span></dt>
<dd><code><a href="../../core/AuthenticationException.html" title="class in org.springframework.security.core">AuthenticationException</a></code> - if the credentials could not be validated
(generally a <code>BadCredentialsException</code>, an
<code>AuthenticationServiceException</code> or
<code>UsernameNotFoundException</code>)</dd>
</dl>
</li>
</ul>
<a id="setForcePrincipalAsString(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setForcePrincipalAsString</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setForcePrincipalAsString&#8203;(boolean&nbsp;forcePrincipalAsString)</pre>
</li>
</ul>
<a id="setHideUserNotFoundExceptions(boolean)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setHideUserNotFoundExceptions</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setHideUserNotFoundExceptions&#8203;(boolean&nbsp;hideUserNotFoundExceptions)</pre>
<div class="block">By default the <code>AbstractUserDetailsAuthenticationProvider</code> throws a
<code>BadCredentialsException</code> if a username is not found or the password is
incorrect. Setting this property to <code>false</code> will cause
<code>UsernameNotFoundException</code>s to be thrown instead for the former. Note
this is considered less secure than throwing <code>BadCredentialsException</code>
for both exceptions.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>hideUserNotFoundExceptions</code> - set to <code>false</code> if you wish
<code>UsernameNotFoundException</code>s to be thrown instead of the non-specific
<code>BadCredentialsException</code> (defaults to <code>true</code>)</dd>
</dl>
</li>
</ul>
<a id="setMessageSource(org.springframework.context.MessageSource)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setMessageSource</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setMessageSource&#8203;(org.springframework.context.MessageSource&nbsp;messageSource)</pre>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code>setMessageSource</code>&nbsp;in interface&nbsp;<code>org.springframework.context.MessageSourceAware</code></dd>
</dl>
</li>
</ul>
<a id="setUserCache(org.springframework.security.core.userdetails.UserCache)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setUserCache</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setUserCache&#8203;(<a href="../../core/userdetails/UserCache.html" title="interface in org.springframework.security.core.userdetails">UserCache</a>&nbsp;userCache)</pre>
</li>
</ul>
<a id="supports(java.lang.Class)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>supports</h4>
<pre class="methodSignature">public&nbsp;boolean&nbsp;supports&#8203;(java.lang.Class&lt;?&gt;&nbsp;authentication)</pre>
<div class="block"><span class="descfrmTypeLabel">Description copied from interface:&nbsp;<code><a href="../AuthenticationProvider.html#supports(java.lang.Class)">AuthenticationProvider</a></code></span></div>
<div class="block">Returns <code>true</code> if this <Code>AuthenticationProvider</Code> supports the
indicated <Code>Authentication</Code> object.
<p>
Returning <code>true</code> does not guarantee an
<code>AuthenticationProvider</code> will be able to authenticate the presented
instance of the <code>Authentication</code> class. It simply indicates it can
support closer evaluation of it. An <code>AuthenticationProvider</code> can still
return <code>null</code> from the <a href="../AuthenticationProvider.html#authenticate(org.springframework.security.core.Authentication)"><code>AuthenticationProvider.authenticate(Authentication)</code></a> method to
indicate another <code>AuthenticationProvider</code> should be tried.
</p>
<p>
Selection of an <code>AuthenticationProvider</code> capable of performing
authentication is conducted at runtime the <code>ProviderManager</code>.
</p></div>
<dl>
<dt><span class="overrideSpecifyLabel">Specified by:</span></dt>
<dd><code><a href="../AuthenticationProvider.html#supports(java.lang.Class)">supports</a></code>&nbsp;in interface&nbsp;<code><a href="../AuthenticationProvider.html" title="interface in org.springframework.security.authentication">AuthenticationProvider</a></code></dd>
<dt><span class="returnLabel">Returns:</span></dt>
<dd><code>true</code> if the implementation can more closely evaluate the
<code>Authentication</code> class presented</dd>
</dl>
</li>
</ul>
<a id="getPreAuthenticationChecks()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getPreAuthenticationChecks</h4>
<pre class="methodSignature">protected&nbsp;<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;getPreAuthenticationChecks()</pre>
</li>
</ul>
<a id="setPreAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setPreAuthenticationChecks</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setPreAuthenticationChecks&#8203;(<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;preAuthenticationChecks)</pre>
<div class="block">Sets the policy will be used to verify the status of the loaded
<tt>UserDetails</tt> <em>before</em> validation of the credentials takes place.</div>
<dl>
<dt><span class="paramLabel">Parameters:</span></dt>
<dd><code>preAuthenticationChecks</code> - strategy to be invoked prior to authentication.</dd>
</dl>
</li>
</ul>
<a id="getPostAuthenticationChecks()">

</a>
<ul class="blockList">
<li class="blockList">
<h4>getPostAuthenticationChecks</h4>
<pre class="methodSignature">protected&nbsp;<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;getPostAuthenticationChecks()</pre>
</li>
</ul>
<a id="setPostAuthenticationChecks(org.springframework.security.core.userdetails.UserDetailsChecker)">

</a>
<ul class="blockList">
<li class="blockList">
<h4>setPostAuthenticationChecks</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setPostAuthenticationChecks&#8203;(<a href="../../core/userdetails/UserDetailsChecker.html" title="interface in org.springframework.security.core.userdetails">UserDetailsChecker</a>&nbsp;postAuthenticationChecks)</pre>
</li>
</ul>
<a id="setAuthoritiesMapper(org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper)">

</a>
<ul class="blockListLast">
<li class="blockList">
<h4>setAuthoritiesMapper</h4>
<pre class="methodSignature">public&nbsp;void&nbsp;setAuthoritiesMapper&#8203;(<a href="../../core/authority/mapping/GrantedAuthoritiesMapper.html" title="interface in org.springframework.security.core.authority.mapping">GrantedAuthoritiesMapper</a>&nbsp;authoritiesMapper)</pre>
</li>
</ul>
</li>
</ul>
</section>
</li>
</ul>
</div>
</div>
</main>

<footer role="contentinfo">
<nav role="navigation">

<div class="bottomNav"><a id="navbar.bottom">

</a>
<div class="skipNav"><a href="AbstractUserDetailsAuthenticationProvider.html#skip.navbar.bottom" title="Skip navigation links">Skip navigation links</a></div>
<a id="navbar.bottom.firstrow">

</a>
<ul class="navList" title="Navigation">
<li><a href="../../../../../index.html">Overview</a></li>
<li><a href="package-summary.html">Package</a></li>
<li class="navBarCell1Rev">Class</li>
<li><a href="package-tree.html">Tree</a></li>
<li><a href="../../../../../deprecated-list.html">Deprecated</a></li>
<li><a href="../../../../../index-all.html">Index</a></li>
<li><a href="../../../../../help-doc.html">Help</a></li>
</ul>
</div>
<div class="subNav">
<ul class="navList" id="allclasses_navbar_bottom">
<li><a href="../../../../../allclasses.html">All&nbsp;Classes</a></li>
</ul>
<div>
<script type="text/javascript"><!--
  allClassesLink = document.getElementById("allclasses_navbar_bottom");
  if(window==top) {
    allClassesLink.style.display = "block";
  }
  else {
    allClassesLink.style.display = "none";
  }
  //-->
</script>
<noscript>
<div>JavaScript is disabled on your browser.</div>
</noscript>
</div>
<div>
<ul class="subNavList">
<li>Summary:&nbsp;</li>
<li>Nested&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#field.summary">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#constructor.summary">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#method.summary">Method</a></li>
</ul>
<ul class="subNavList">
<li>Detail:&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#field.detail">Field</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#constructor.detail">Constr</a>&nbsp;|&nbsp;</li>
<li><a href="AbstractUserDetailsAuthenticationProvider.html#method.detail">Method</a></li>
</ul>
</div>
<a id="skip.navbar.bottom">

</a></div>

</nav>
</footer>
<script>if (window.parent == window) {(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)})(window,document,'script','//www.google-analytics.com/analytics.js','ga');ga('create', 'UA-2728886-23', 'auto', {'siteSpeedSampleRate': 100});ga('send', 'pageview');}</script><script defer src="https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194" integrity="sha512-Gi7xpJR8tSkrpF7aordPZQlW2DLtzUlZcumS8dMQjwDHEnw9I7ZLyiOj/6tZStRBGtGgN6ceN6cMH8z7etPGlw==" data-cf-beacon='{"rayId":"7040d1208b9e980c","token":"bffcb8a918ae4755926f76178bfbd26b","version":"2021.12.0","si":100}' crossorigin="anonymous"></script>
</body>
</html>
